ISignatureSigningAddin
Add-in responsible for signing a given signature object.
Trigger Event(s): When signing using a server-side signature method |
Method | Description | ||
---|---|---|---|
getCertificateChain |
Get signing certificate |
||
Parameter |
Type |
Description |
|
- |
- |
- |
|
Returns |
Type |
Description |
|
certificate |
X509Certificate[] |
Certificate chain to sign the object |
|
sign |
|||
Parameter |
Type |
Description |
|
signAlgorithm |
String |
Signature algorithm (RSA) |
|
data |
byte[] |
Data to be signed |
|
Returns |
Type |
Description |
|
signedHash |
byte[] |
||
verify |
Verifies the signature of a signed data |
||
Parameter |
Type |
Description |
|
signAlgorithm |
String |
Signature algorithm (RSA) |
|
data |
byte[] |
Data to be signed |
|
signedData |
byte[] |
Signed data |
|
Returns |
Type |
Description |
|
result |
boolean |
True if the signature is valid (i.e. from a trusted certificate) |
|
getAlias |
Determine the alias used to retrieve certificates and keys |
||
Parameter |
Type |
Description |
|
- |
- |
- |
|
Returns |
Type |
Description |
|
alias |
String |
Alias of the key used for signing |
eSign brings an out-of-the box implementation for this interface that is described below |
Implementation | Default | Description |
---|---|---|
StaticSignatureSigningAddin |
✓ |
Signs data server-side with a private key that is located in a .p12 file of configurable path and password (add-in configuration parameters) |
Configuration
First the add-in needs to be loaded as an extension,
"_comment" : "List all the extensions to be used",
"extensions" :
[
...
{
"name": "artifact-signing",
"class": "novabase.connect.paperless.esign.core.extensions.impl.StaticSignatureSigningAddin",
"_comment" : "Optional list of parameters of the module",
"params" : {
"keyPath": "${resources}/esign.integrity.p12",
"keyType": "PKCS12",
"keyPass" : "${enc:wciuRn7Osm/VbnLelso+Yg==}"
}
},
...
]
Optionally, set as the default add-in by establishing the class path for the type "artifact_signing"
"_comment" : "List all the default addins to be used",
"addins" :
[
...
{
"type": "artifact_signing",
"extension": "artifact-signing"
},
...
]